A company had one of its Amazon EC2 key pairs compromised. A Security Engineer must identify which current Linux EC2 instances were deployed and used the compromised key pair. How can this task be accomplished?
A) Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" . Obtain the list of instances by directly querying Amazon EC2 using: aws ec2 describe-instances --filters "Name=key-name,Values=KEYNAMEHERE" .
B) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in the Amazon Inspector logs.
C) Obtain the output from the EC2 instance metadata using: curl http: //169.254.169.254/latest/meta-data/public- keys/0/.
D) Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events . Obtain the fingerprint for the key pair from the AWS Management Console, then search for the fingerprint in Amazon CloudWatch Logs using: aws logs filter-log-events
Correct Answer:
Verified
Q57: In response to the past DDoS attack
Q58: During a security event, it is discovered
Q59: A company plans to move most of
Q60: A Security Engineer must design a system
Q61: A Security Engineer for a large company
Q63: A company has five AWS accounts and
Q64: A company has a few dozen application
Q65: Which of the following are valid event
Q66: A company is building a data lake
Q67: A Security Engineer must implement mutually authenticated
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents